EPSS
Percentile
46.6%
steal is vulnerable to prototype pollution. The vulnerability is possible because of the use of insecure regular expression for input in main.js, causing an application crash.
github.com/stealjs/steal/blob/c9dd1eb19ed3f97aeb93cf9dcea5d68ad5d0ced9/main.js#L2490
github.com/stealjs/steal/blob/c9dd1eb19ed3f97aeb93cf9dcea5d68ad5d0ced9/main.js#L3344
github.com/stealjs/steal/issues/1529